Re: [Curdle] Review of draft-ietf-curdle-cms-ecdh-new-curves-02
Daniel Migault <daniel.migault@ericsson.com> Mon, 10 April 2017 15:07 UTC
Return-Path: <daniel.migault@ericsson.com>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 50E9A1275C5 for <curdle@ietfa.amsl.com>; Mon, 10 Apr 2017 08:07:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mVx2aK5YVqCD for <curdle@ietfa.amsl.com>; Mon, 10 Apr 2017 08:06:58 -0700 (PDT)
Received: from usplmg21.ericsson.net (usplmg21.ericsson.net [198.24.6.65]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1F0D01294F0 for <curdle@ietf.org>; Mon, 10 Apr 2017 08:06:58 -0700 (PDT)
X-AuditID: c6180641-80136980000058cf-f6-58eb593758c6
Received: from EUSAAHC004.ericsson.se (Unknown_Domain [147.117.188.84]) by (Symantec Mail Security) with SMTP id 9D.DC.22735.7395BE85; Mon, 10 Apr 2017 12:06:47 +0200 (CEST)
Received: from EUSAAMB107.ericsson.se ([147.117.188.124]) by EUSAAHC004.ericsson.se ([147.117.188.84]) with mapi id 14.03.0319.002; Mon, 10 Apr 2017 11:06:56 -0400
From: Daniel Migault <daniel.migault@ericsson.com>
To: Russ Housley <housley@vigilsec.com>
CC: Jim Schaad <ietf@augustcellars.com>, curdle <curdle@ietf.org>
Thread-Topic: [Curdle] Review of draft-ietf-curdle-cms-ecdh-new-curves-02
Thread-Index: AdKokxxO2cfh4aL8Tx2cBfTIJudH4gAQe8YAAADS2oABwVrhgACT05WAAAhQ4PA=
Date: Mon, 10 Apr 2017 15:06:54 +0000
Message-ID: <2DD56D786E600F45AC6BDE7DA4E8A8C118BC8A8E@eusaamb107.ericsson.se>
References: <059001d2a8a0$da207680$8e616380$@augustcellars.com> <96562891-0B33-448B-9E07-92775A4B2A88@vigilsec.com> <05d701d2a8b6$d1895bc0$749c1340$@augustcellars.com> <CADZyTk=BsoThAkfVVuvVjL2-ObDON9yEHb=PLJ68AmFe_v8x3Q@mail.gmail.com> <78AB16BB-A362-4283-9A16-24278435BCC1@vigilsec.com>
In-Reply-To: <78AB16BB-A362-4283-9A16-24278435BCC1@vigilsec.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [147.117.188.11]
Content-Type: multipart/alternative; boundary="_000_2DD56D786E600F45AC6BDE7DA4E8A8C118BC8A8Eeusaamb107erics_"
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprAIsWRmVeSWpSXmKPExsUyuXRPiK555OsIg4kTbSy2LpzFbPHqxU12 i9XTv7M5MHtsnDOdzWPJkp9MHqvufGENYI7isklJzcksSy3St0vgyujq2MVa8C2q4tVLgwbG Hr8uRk4OCQETid8fZjN3MXJxCAlsYJR4v+oHK4SznFFiZudvFpAqNgEjibZD/ewgtoiAusTf +RfAbGYBR4l7X24xdjFycAgLeEgcmuwAUeIp0b5mLlS5n0TrpLdsIDaLgKrEmicPWUDKeQV8 JWa9l4ZYtYJJYvO/e0wgNZwCDhKn1p1nBbEZBcQkvp9awwSxSlzi1pP5TBBHC0gs2XOeGcIW lXj5+B8rhK0k8fH3fKjT8iU+tl0Es3kFBCVOznzCMoFRZBaSUbOQlM1CUgYR15FYsPsTG4St LbFs4WtmGPvMgcdMyOILGNlXMXKUFhfk5KYbGW5iBMbTMQk2xx2Me3s9DzEKcDAq8fAuCH8d IcSaWFZcmXuIUYKDWUmEN3UGUIg3JbGyKrUoP76oNCe1+BCjNAeLkjjvu/ILEUIC6Yklqdmp qQWpRTBZJg5OqQZGpoUKN9m4CrY+fRr3Mf6At9T3SAfvw2UZZ15cSwo7E3BodnbiioQfGUrT LxVM4JgwSVjILM2Ga92uzqfTO66GB/zxZK/9+WzH3jsFlfX8B93epbnnPr/E/2xGyrP+b6qu KRHb/Nq0r0++uLvzeafm/e1rOGSexp7UmhZ1YR+DTklB5Tbdk/eVlViKMxINtZiLihMBOxwc CaMCAAA=
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/08bQXVZ-YIyXK7BsvP1WaPSnZN0>
Subject: Re: [Curdle] Review of draft-ietf-curdle-cms-ecdh-new-curves-02
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Apr 2017 15:07:00 -0000
Thanks for the registries clarification. One more question, are you aware of any implementation of the drafts? Yours, Daniel From: Russ Housley [mailto:housley@vigilsec.com] Sent: Monday, April 10, 2017 11:03 AM To: Daniel Migault <daniel.migault@ericsson.com> Cc: Jim Schaad <ietf@augustcellars.com>; curdle <curdle@ietf.org> Subject: Re: [Curdle] Review of draft-ietf-curdle-cms-ecdh-new-curves-02 Daniel: Thanks for the review. 1) nits tool the nits tools returns the following additional error: == The "Author's Address" (or "Authors' Addresses") section title is misspelled. Fixed. 2) section 2.1 defining KEK OLD: To generate a key-encryption key, generates one or more KM blocks, NEW: To generate a key-encryption key (KEK), KDF generates one or more KM blocks, Okay. I made that change. 3) section 2.2 defining HKDF OLD: The HKDF key derivation function is a robust construct based on a one-way hash function described in RFC 5869 [HKDF]. NEW: The HMAC-based Extract-and-Expand Key Derivation Function (HKDF) is a robust construct based on a one-way hash function described in RFC 5869 [HKDF]. Okay. I made that change. 4) IANA section: * Wouldn't it be appropriated to mention RFC7107 section 3.3 and section 3.6 for each allocation. RFC 7107 created the registries. I do not see any reason to point to that document for the assignment in the registries. * I have been recommended to ask to add the IANA link hosting the registries as an informational reference. In that case, that would be the following one: http://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#security-smime-3 Okay. I handed a reference for the module arc and a reference for the algorithm arc. * The presentation in the IANA section differs from the one of RFC7107 which uses a table with Decimal , Description, Reference rather than using the OID presentation. I used the decimal presentation because that is used in the header of the registry by IANA. * I am wondering whether the current draft does not update RFC7107, in which case it should be mentioned in the header, abstract and introduction. What do you think ? No. RFC 7107 established the registry. It does not need to be updated for every assignment that takes place in those registries. Russ
- Re: [Curdle] Review of draft-ietf-curdle-cms-ecdh… Daniel Migault
- Re: [Curdle] Review of draft-ietf-curdle-cms-ecdh… Russ Housley
- Re: [Curdle] Review of draft-ietf-curdle-cms-ecdh… Russ Housley
- [Curdle] Review of draft-ietf-curdle-cms-ecdh-new… Jim Schaad
- Re: [Curdle] Review of draft-ietf-curdle-cms-ecdh… Russ Housley
- Re: [Curdle] Review of draft-ietf-curdle-cms-ecdh… Jim Schaad
- Re: [Curdle] Review of draft-ietf-curdle-cms-ecdh… Daniel Migault